From e03f1407493fdf9e43182ea10a95049401d2e4f4 Mon Sep 17 00:00:00 2001
From: Shreya Malviya
Date: Tue, 16 Aug 2022 13:14:29 +0530
Subject: [PATCH] Agent: Add function to publish credentials stolen event in Mimikatz credential collector
---
 .../mimikatz_credential_collector.py | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/monkey/infection_monkey/credential_collectors/mimikatz_collector/mimikatz_credential_collector.py b/monkey/infection_monkey/credential_collectors/mimikatz_collector/mimikatz_credential_collector.py
index fd6a05218..43bb6bcc7 100644
--- a/monkey/infection_monkey/credential_collectors/mimikatz_collector/mimikatz_credential_collector.py
+++ b/monkey/infection_monkey/credential_collectors/mimikatz_collector/mimikatz_credential_collector.py
@@ -3,6 +3,7 @@ from typing import Sequence

 from common.credentials import Credentials, LMHash, NTHash, Password, Username
 from common.event_queue import IEventQueue
+from common.events import CredentialsStolenEvent
 from infection_monkey.i_puppet import ICredentialCollector
 from infection_monkey.model import USERNAME_PREFIX

@@ -64,3 +65,12 @@ class MimikatzCredentialCollector(ICredentialCollector):
 credentials.append(Credentials(identity, None))

 return credentials
+
+ def _publish_credentials_stolen_event(self, collected_credentials: Sequence[Credentials]):
+ credentials_stolen_event = CredentialsStolenEvent(
+ target=None,
+ tags=frozenset(MIMIKATZ_EVENT_TAGS),
+ stolen_credentials=collected_credentials,
+ )
+
+ self.event_queue.publish(credentials_stolen_event)
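Review bot: In the second hunk, `_publish_credentials_stolen_event` passes the caller's `collected_credentials` sequence into the event by reference and has no docstring or return annotation. Judging by the `Password`, `LMHash` and `NTHash` imports, the payload appears to be secret material, which makes both gaps matter more. If the caller later mutates that list, the already-published event changes with it; a snapshot such as `stolen_credentials=tuple(collected_credentials),` avoids this, provided the event model accepts a tuple (not visible here). I would also end the signature with `-> None:` and add a one-line docstring saying the event carries collected secrets and that subscribers must not write it to logs unredacted. `MIMIKATZ_EVENT_TAGS` is not defined in either hunk, so confirm it exists at module level. The class body starts outside the hunk, and no visible line calls the new method yet.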